<?php
/**
 * CodeIgniter
 *
 * An open source application development framework for PHP
 *
 * This content is released under the MIT License (MIT)
 *
 * Copyright (c) 2014 - 2016, British Columbia Institute of Technology
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 *
 * @package    CodeIgniter
 * @author    EllisLab Dev Team
 * @copyright    Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
 * @copyright    Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
 * @license    http://opensource.org/licenses/MIT	MIT License
 * @link    https://codeigniter.com
 * @since    Version 3.0.0
 * @filesource
 */
defined('BASEPATH') OR exit('No direct script access allowed');

/**
 * CodeIgniter Session Redis Driver
 *
 * @package    CodeIgniter
 * @subpackage    Libraries
 * @category    Sessions
 * @author    Andrey Andreev
 * @link    https://codeigniter.com/user_guide/libraries/sessions.html
 */
class CI_Session_redis_driver extends CI_Session_driver implements SessionHandlerInterface
{

    /**
     * phpRedis instance
     *
     * @var    resource
     */
    protected $_redis;

    /**
     * Key prefix
     *
     * @var    string
     */
    protected $_key_prefix = 'ci_session:';

    /**
     * Lock key
     *
     * @var    string
     */
    protected $_lock_key;

    /**
     * Key exists flag
     *
     * @var bool
     */
    protected $_key_exists = FALSE;

    // ------------------------------------------------------------------------

    /**
     * Class constructor
     *
     * @param    array $params Configuration parameters
     * @return    void
     */
    public function __construct(&$params)
    {
        parent::__construct($params);

        if (empty($this->_config['save_path'])) {
            log_message('error', 'Session: No Redis save path configured.');
        } elseif (preg_match('#(?:tcp://)?([^:?]+)(?:\:(\d+))?(\?.+)?#', $this->_config['save_path'], $matches)) {
            isset($matches[3]) OR $matches[3] = ''; // Just to avoid undefined index notices below
            $this->_config['save_path'] = array(
                'host' => $matches[1],
                'port' => empty($matches[2]) ? NULL : $matches[2],
                'password' => preg_match('#auth=([^\s&]+)#', $matches[3], $match) ? $match[1] : NULL,
                'database' => preg_match('#database=(\d+)#', $matches[3], $match) ? (int)$match[1] : NULL,
                'timeout' => preg_match('#timeout=(\d+\.\d+)#', $matches[3], $match) ? (float)$match[1] : NULL
            );

            preg_match('#prefix=([^\s&]+)#', $matches[3], $match) && $this->_key_prefix = $match[1];
        } else {
            log_message('error', 'Session: Invalid Redis save path format: ' . $this->_config['save_path']);
        }

        if ($this->_config['match_ip'] === TRUE) {
            $this->_key_prefix .= $_SERVER['REMOTE_ADDR'] . ':';
        }
    }

    // ------------------------------------------------------------------------

    /**
     * Open
     *
     * Sanitizes save_path and initializes connection.
     *
     * @param    string $save_path Server path
     * @param    string $name Session cookie name, unused
     * @return    bool
     */
    public function open($save_path, $name)
    {
        if (empty($this->_config['save_path'])) {
            return $this->_fail();
        }

        $redis = new Redis();
        if (!$redis->connect($this->_config['save_path']['host'], $this->_config['save_path']['port'], $this->_config['save_path']['timeout'])) {
            log_message('error', 'Session: Unable to connect to Redis with the configured settings.');
        } elseif (isset($this->_config['save_path']['password']) && !$redis->auth($this->_config['save_path']['password'])) {
            log_message('error', 'Session: Unable to authenticate to Redis instance.');
        } elseif (isset($this->_config['save_path']['database']) && !$redis->select($this->_config['save_path']['database'])) {
            log_message('error', 'Session: Unable to select Redis database with index ' . $this->_config['save_path']['database']);
        } else {
            $this->_redis = $redis;
            return $this->_success;
        }

        return $this->_fail();
    }

    // ------------------------------------------------------------------------

    /**
     * Read
     *
     * Reads session data and acquires a lock
     *
     * @param    string $session_id Session ID
     * @return    string    Serialized session data
     */
    public function read($session_id)
    {
        if (isset($this->_redis) && $this->_get_lock($session_id)) {
            // Needed by write() to detect session_regenerate_id() calls
            $this->_session_id = $session_id;

            $session_data = $this->_redis->get($this->_key_prefix . $session_id);

            is_string($session_data)
                ? $this->_key_exists = TRUE
                : $session_data = '';

            $this->_fingerprint = md5($session_data);
            return $session_data;
        }

        return $this->_fail();
    }

    // ------------------------------------------------------------------------

    /**
     * Get lock
     *
     * Acquires an (emulated) lock.
     *
     * @param    string $session_id Session ID
     * @return    bool
     */
    protected function _get_lock($session_id)
    {
        // PHP 7 reuses the SessionHandler object on regeneration,
        // so we need to check here if the lock key is for the
        // correct session ID.
        if ($this->_lock_key === $this->_key_prefix . $session_id . ':lock') {
            return $this->_redis->setTimeout($this->_lock_key, 300);
        }

        // 30 attempts to obtain a lock, in case another request already has it
        $lock_key = $this->_key_prefix . $session_id . ':lock';
        $attempt = 0;
        do {
            if (($ttl = $this->_redis->ttl($lock_key)) > 0) {
                sleep(1);
                continue;
            }

            if (!$this->_redis->setex($lock_key, 300, time())) {
                log_message('error', 'Session: Error while trying to obtain lock for ' . $this->_key_prefix . $session_id);
                return FALSE;
            }

            $this->_lock_key = $lock_key;
            break;
        } while (++$attempt < 30);

        if ($attempt === 30) {
            log_message('error', 'Session: Unable to obtain lock for ' . $this->_key_prefix . $session_id . ' after 30 attempts, aborting.');
            return FALSE;
        } elseif ($ttl === -1) {
            log_message('debug', 'Session: Lock for ' . $this->_key_prefix . $session_id . ' had no TTL, overriding.');
        }

        $this->_lock = TRUE;
        return TRUE;
    }

    // ------------------------------------------------------------------------

    /**
     * Write
     *
     * Writes (create / update) session data
     *
     * @param    string $session_id Session ID
     * @param    string $session_data Serialized session data
     * @return    bool
     */
    public function write($session_id, $session_data)
    {
        if (!isset($this->_redis)) {
            return $this->_fail();
        } // Was the ID regenerated?
        elseif ($session_id !== $this->_session_id) {
            if (!$this->_release_lock() OR !$this->_get_lock($session_id)) {
                return $this->_fail();
            }

            $this->_key_exists = FALSE;
            $this->_session_id = $session_id;
        }

        if (isset($this->_lock_key)) {
            $this->_redis->setTimeout($this->_lock_key, 300);
            if ($this->_fingerprint !== ($fingerprint = md5($session_data)) OR $this->_key_exists === FALSE) {
                if ($this->_redis->set($this->_key_prefix . $session_id, $session_data, $this->_config['expiration'])) {
                    $this->_fingerprint = $fingerprint;
                    $this->_key_exists = TRUE;
                    return $this->_success;
                }

                return $this->_fail();
            }

            return ($this->_redis->setTimeout($this->_key_prefix . $session_id, $this->_config['expiration']))
                ? $this->_success
                : $this->_fail();
        }

        return $this->_fail();
    }

    // ------------------------------------------------------------------------

    /**
     * Release lock
     *
     * Releases a previously acquired lock
     *
     * @return    bool
     */
    protected function _release_lock()
    {
        if (isset($this->_redis, $this->_lock_key) && $this->_lock) {
            if (!$this->_redis->delete($this->_lock_key)) {
                log_message('error', 'Session: Error while trying to free lock for ' . $this->_lock_key);
                return FALSE;
            }

            $this->_lock_key = NULL;
            $this->_lock = FALSE;
        }

        return TRUE;
    }

    // ------------------------------------------------------------------------

    /**
     * Close
     *
     * Releases locks and closes connection.
     *
     * @return    bool
     */
    public function close()
    {
        if (isset($this->_redis)) {
            try {
                if ($this->_redis->ping() === '+PONG') {
                    $this->_release_lock();
                    if ($this->_redis->close() === FALSE) {
                        return $this->_fail();
                    }
                }
            } catch (RedisException $e) {
                log_message('error', 'Session: Got RedisException on close(): ' . $e->getMessage());
            }

            $this->_redis = NULL;
            return $this->_success;
        }

        return $this->_success;
    }

    // ------------------------------------------------------------------------

    /**
     * Destroy
     *
     * Destroys the current session.
     *
     * @param    string $session_id Session ID
     * @return    bool
     */
    public function destroy($session_id)
    {
        if (isset($this->_redis, $this->_lock_key)) {
            if (($result = $this->_redis->delete($this->_key_prefix . $session_id)) !== 1) {
                log_message('debug', 'Session: Redis::delete() expected to return 1, got ' . var_export($result, TRUE) . ' instead.');
            }

            $this->_cookie_destroy();
            return $this->_success;
        }

        return $this->_fail();
    }

    // ------------------------------------------------------------------------

    /**
     * Garbage Collector
     *
     * Deletes expired sessions
     *
     * @param    int $maxlifetime Maximum lifetime of sessions
     * @return    bool
     */
    public function gc($maxlifetime)
    {
        // Not necessary, Redis takes care of that.
        return $this->_success;
    }

}
